To obtain the HITRUST certification, the client needed to complete numerous activities in a specific time frame related to the Common Security Framework (CSF) created for organizations that create, share, store or access sensitive or regulated health data. The client had numerous specific requirements that needed to be satisfied within a collapsed time frame. As the deadline for completion approached, the client determined they needed assistance driving resolution of these action items.

How We Solved It

Trillium to brought rigor and organization to the issue remediation process. These requirements were related to physical and cyber security, CSF policies and procedures, and documentary evidence that HITRUST requirements were being met by the client. We reviewed the open items to determine the level of expertise needed to remediate them. To that end, we brought in Subject Matter Experts (SMEs) to drive the remediation of the items, while also assisting on activities where multiple actions were required. Trillium ensured that the issues were resolved on time so that the onsite inspection by HITRUST could be scheduled for final approval.